# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.

########################################################################
# OPENAPI-URI: /api/sources
########################################################################
# delete:
#   requestBody:
#     content:
#       application/json:
#         schema:
#           $ref: '#/components/schemas/SourceID'
#     description: Source ID info
#     required: true
#   security:
#   - cookieAuth: []
#   summary: Delete an existing source
# get:
#   responses:
#     '200':
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/SourceList'
#       description: 200 Response
#     default:
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/Error'
#       description: unexpected error
#   security:
#   - cookieAuth: []
#   summary: Fetches a list of all sources for this organisation
# patch:
#   requestBody:
#     content:
#       application/json:
#         schema:
#           $ref: '#/components/schemas/Source'
#     description: New source data to set
#     required: true
#   responses:
#     '200':
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/ActionCompleted'
#       description: 200 Response
#     default:
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/Error'
#       description: unexpected error
#   security:
#   - cookieAuth: []
#   summary: Edit an existing source
# post:
#   requestBody:
#     content:
#       application/json:
#         schema:
#           $ref: '#/components/schemas/defaultWidgetArgs'
#   responses:
#     '200':
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/SourceList'
#       description: 200 Response
#     default:
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/Error'
#       description: unexpected error
#   security:
#   - cookieAuth: []
#   summary: Fetches a list of all sources for this organisation
# put:
#   requestBody:
#     content:
#       application/json:
#         schema:
#           $ref: '#/components/schemas/SourceListAdd'
#     required: true
#   responses:
#     '200':
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/ActionCompleted'
#       description: 200 Response
#     default:
#       content:
#         application/json:
#           schema:
#             $ref: '#/components/schemas/Error'
#       description: unexpected error
#   security:
#   - cookieAuth: []
#   summary: Add a new source
#
########################################################################


"""
This is the source list handler for Kibble
"""

import json
import os
import re
import time
import hashlib
import yaml

from kibble.settings import YAML_DIRECTORY


def canModifySource(session):
    """ Determine if the user can edit sources in this org """

    dOrg = session.user["defaultOrganisation"] or "apache"
    if session.DB.ES.exists(index=session.DB.dbname, doc_type="organisation", id=dOrg):
        xorg = session.DB.ES.get(
            index=session.DB.dbname, doc_type="organisation", id=dOrg
        )["_source"]
        if session.user["email"] in xorg["admins"]:
            return True
        if session.user["userlevel"] == "admin":
            return True
    return False


def run(API, environ, indata, session):

    # We need to be logged in for this!
    if not session.user:
        raise API.exception(403, "You must be logged in to use this API endpoint! %s")

    method = environ["REQUEST_METHOD"]
    dOrg = session.user["defaultOrganisation"]

    if method in ["GET", "POST"]:
        # Fetch organisation data

        # Make sure we have a default/current org set
        if (
            "defaultOrganisation" not in session.user
            or not session.user["defaultOrganisation"]
        ):
            raise API.exception(
                400,
                "You must specify an organisation as default/current in order to add sources.",
            )

        if session.DB.ES.exists(
            index=session.DB.dbname, doc_type="organisation", id=dOrg
        ):
            org = session.DB.ES.get(
                index=session.DB.dbname, doc_type="organisation", id=dOrg
            )["_source"]
            del org["admins"]
        else:
            raise API.exception(404, "No such organisation, '%s'" % (dOrg or "(None)"))

        sourceTypes = indata.get("types", [])
        # Fetch all sources for default org

        res = session.DB.ES.search(
            index=session.DB.dbname,
            doc_type="source",
            size=5000,
            body={"query": {"term": {"organisation": dOrg}}},
        )

        # Secondly, fetch the view if we have such a thing enabled
        viewList = []
        if indata.get("view"):
            viewList = session.getView(indata.get("view"))
        if indata.get("subfilter") and indata.get("quick"):
            viewList = session.subFilter(indata.get("subfilter"), view=viewList)

        sources = []
        for hit in res["hits"]["hits"]:
            doc = hit["_source"]
            if viewList and not doc["sourceID"] in viewList:
                continue
            if sourceTypes and not doc["type"] in sourceTypes:
                continue
            if indata.get("quick"):
                xdoc = {
                    "sourceID": doc["sourceID"],
                    "type": doc["type"],
                    "sourceURL": doc["sourceURL"],
                }
                sources.append(xdoc)
            else:
                # Creds should be anonymous here
                if "creds" in doc:
                    del doc["creds"]
                sources.append(doc)

        JSON_OUT = {"sources": sources, "okay": True, "organisation": org}
        yield json.dumps(JSON_OUT)
        return

    # Add one or more sources
    if method == "PUT":
        if canModifySource(session):
            new = 0
            old = 0
            with open(os.path.join(YAML_DIRECTORY, "sourcetypes.yaml")) as f:
                stypes = yaml.load(f)
            for source in indata.get("sources", []):
                sourceURL = source["sourceURL"]
                sourceType = source["type"]
                creds = {}
                if not sourceType in stypes:
                    raise API.exception(400, "Attempt to add unknown source type!")
                if "optauth" in stypes[sourceType]:
                    for el in stypes[sourceType]["optauth"]:
                        if el in source and len(source[el]) > 0:
                            creds[el] = source[el]
                sourceID = hashlib.sha224(
                    ("%s-%s" % (sourceType, sourceURL)).encode("utf-8")
                ).hexdigest()

                # Make sure we have a default/current org set
                if (
                    "defaultOrganisation" not in session.user
                    or not session.user["defaultOrganisation"]
                ):
                    raise API.exception(
                        400,
                        "You must first specify an organisation as default/current in order to add sources.",
                    )

                doc = {
                    "organisation": dOrg,
                    "sourceURL": sourceURL,
                    "sourceID": sourceID,
                    "type": sourceType,
                    "creds": creds,
                    "steps": {},
                }
                if session.DB.ES.exists(
                    index=session.DB.dbname, doc_type="source", id=sourceID
                ):
                    old += 1
                else:
                    new += 1
                session.DB.ES.index(
                    index=session.DB.dbname, doc_type="source", id=sourceID, body=doc
                )
            yield json.dumps(
                {"message": "Sources added/updated", "added": new, "updated": old}
            )
        else:
            raise API.exception(
                403, "You don't have permission to add sources to this organisation."
            )

    # Delete a source
    if method == "DELETE":
        if canModifySource(session):
            sourceID = indata.get("id")
            if session.DB.ES.exists(
                index=session.DB.dbname, doc_type="source", id=sourceID
            ):
                # Delete all data pertainig to this source
                # For ES >= 6.x, use a glob for removing from all indices
                if session.DB.ESversion > 5:
                    session.DB.ES.delete_by_query(
                        index=session.DB.dbname + "_*",
                        body={"query": {"match": {"sourceID": sourceID}}},
                    )
                else:
                    # For ES <= 5.x, just remove from the main index
                    session.DB.ES.delete_by_query(
                        index=session.DB.dbname,
                        body={"query": {"match": {"sourceID": sourceID}}},
                    )
                yield json.dumps({"message": "Source deleted"})
            else:
                raise API.exception(404, "No such source item")
        else:
            raise API.exception(403, "You don't have permission to delete this source.")

    # Edit a source
    if method == "PATCH":
        pass
